The Data Protection Commission (DPC) has announced that it has opened an inquiry into social media platform X over the use of the AI tool Grok to generate sexualised images of adults and children.
The DPC said the investigation concerns the apparent creation, and publication on the X platform, of potentially harmful, non-consensual intimate and/or sexualised images containing or otherwise involving the processing of personal data.
The inquiry will focus on the generative artificial intelligence functionality associated with the Grok large language model via the @Grok account within the X platform.
The decision to open the investigation was notified to X yesterday.
According to the DPC, the purpose of the inquiry is to determine whether X has complied with its obligations under the General Data Protection Regulation (GDPR) in areas including the principles of data processing, the lawfulness of processing, data protection by design and default, and the requirement to carry out a data protection impact assessment.
"The DPC has been engaging with X Internet Unlimited Company (XIUC) since media reports first emerged a number of weeks ago concerning the alleged ability of X users to prompt the @Grok account on X to generate sexualised images of real people, including children," said DPC Deputy Commissioner Graham Doyle.
"As the Lead Supervisory Authority for XIUC across the EU/EEA, the DPC has commenced a large-scale inquiry which will examine XIUC's compliance with some of their fundamental obligations under the GDPR in relation to the matters at hand," Mr Doyle said.
X has been contacted for comment.
Last month, the European Commission launched an investigation into Grok under the EU's Digital Services Act (DSA).
Irish media regulator Coimisiún na Meán is expected to play a leading role in the EU investigation because X’s European headquarters are in Dublin.
